diff --git a/all.yml b/all.yml
index 83d22b72b0a66cb889b81bd7c1a3e9f4c801c430..709ba117d65e758e97df9ec12d746853ab7c4512 100755
--- a/all.yml
+++ b/all.yml
@@ -1,15 +1,12 @@
#!/usr/bin/env ansible-playbook
---
-# Set variable adm_iface for all servers
-- import_playbook: plays/get_adm_iface.yml
-
# Core playboot to have minimal configuration
- import_playbook: plays/root.yml
- import_playbook: plays/mail.yml
- import_playbook: plays/nfs.yml
#- import_playbook: plays/logs.yml
-- import_playbook: plays/backup.yml
+#- import_playbook: plays/backup.yml
- import_playbook: plays/network-interfaces.yml
- import_playbook: plays/monitoring.yml
diff --git a/group_vars/crans_server/vars.yml b/group_vars/crans_server/vars.yml
index 7fa4bb529a4b912da144f67232127f94da294a3c..63212423c882f71ea90a20f69be866441b4363a1 100644
--- a/group_vars/crans_server/vars.yml
+++ b/group_vars/crans_server/vars.yml
@@ -4,10 +4,11 @@ ldap:
base: "dc=crans,dc=org"
-# Parameters for debian mirror
+# Parameters for debian and ubuntu mirror
debian_mirror: http://mirror.adm.crans.org/debian
+ubuntu_mirror: http://mirror.adm.crans.org/ubuntu
debian_components: main non-free
-
+ubuntu_components: main restricted universe multiverse
glob_borg:
to_backup:
@@ -22,4 +23,4 @@ glob_borg:
consistency_check:
- disabled
extra_init:
- - make-parent-dirs
+ - make-parent-dirs
\ No newline at end of file
diff --git a/group_vars/reverseproxy.yml b/group_vars/reverseproxy.yml
index 342d671fc1739c01a5a32c02a678acea9980beae..36a4106552197c73acad32a53e7891db5c45769d 100644
--- a/group_vars/reverseproxy.yml
+++ b/group_vars/reverseproxy.yml
@@ -66,25 +66,25 @@ nginx:
# - {from: amap.crans.org, to: 10.231.136.1}
# - {from: pot-vieux.crans.org, to: 10.231.136.1}
# - {from: bonvivens.crans.org, to: 10.231.136.1}
- #
- redirect_sites: []
- # - {from: crans.org, to: www.crans.org}
- #
- # # Aliases or legacy support
- # - {from: factures.crans.org, to: intranet.crans.org}
- # - {from: accounts.crans.org, to: intranet.crans.org}
- # - {from: intranet2.crans.org, to: intranet.crans.org}
- # - {from: clubs.crans.org, to: perso.crans.org}
- # - {from: task.crans.org, to: phabricator.crans.org}
- # - {from: adopteunpingouin.crans.org, to: install-party.crans.org}
- # - {from: i-p.crans.org, to: install-party.crans.org}
- #
- # # To the wiki
- # - {from: wikipedia.crans.org, to: wiki.crans.org}
- # - {from: wifi.crans.org, to: wiki.crans.org/CransD%C3%A9marrage}
- # - {from: television.crans.org, to: wiki.crans.org/CransTv}
- # - {from: tv.crans.org, to: wiki.crans.org/CransTv}
- #
- # # ENS Cachan
- # - {from: crans.ens-cachan.fr, to: www.crans.org}
- # - {from: install-party.ens-cachan.fr, to: install-party.crans.org}
+
+ redirect_sites:
+ - {from: crans.org, to: www.crans.org}
+
+ # Aliases or legacy support
+ - {from: clubs.crans.org, to: perso.crans.org}
+ - {from: task.crans.org, to: phabricator.crans.org}
+ - {from: adopteunpingouin.crans.org, to: install-party.crans.org}
+ - {from: i-p.crans.org, to: install-party.crans.org}
+
+ # To the wiki
+ - {from: wikipedia.crans.org, to: wiki.crans.org}
+ - {from: television.crans.org, to: wiki.crans.org/CransTv}
+ - {from: tv.crans.org, to: wiki.crans.org/CransTv}
+
+ # ENS Cachan
+ - {from: crans.ens-cachan.fr, to: www.crans.org}
+ - {from: install-party.ens-cachan.fr, to: install-party.crans.org}
+
+ static_sites:
+ - www.crans.org
+ - install-party.crans.org
diff --git a/host_vars/bigbluebutton.adm.crans.org b/host_vars/bigbluebutton.adm.crans.org
new file mode 100644
index 0000000000000000000000000000000000000000..53d3a98a63a5a588ccdc109e84b1082b780f441b
--- /dev/null
+++ b/host_vars/bigbluebutton.adm.crans.org
@@ -0,0 +1,4 @@
+---
+interfaces:
+ adm: ens18
+ srv: ens19
diff --git a/hosts b/hosts
index dc61694189d6b6decce9dbf5160409e6e99444fe..7ed9d2a52d4c41317b4f9c3bb4a99aa766229cca 100644
--- a/hosts
+++ b/hosts
@@ -113,6 +113,7 @@ jitsi.adm.crans.org
kenobi.adm.crans.org
roundcube.adm.crans.org
horde.adm.crans.org
+bigbluebutton.adm.crans.org
[ovh_physical]
sputnik.adm.crans.org
diff --git a/plays/network-interfaces.yml b/plays/network-interfaces.yml
index bdba54eb1ff65a86f47c80983d18ca7b11f651a1..76baadb63e5431c9e77bffe0db40dc62b64d1799 100755
--- a/plays/network-interfaces.yml
+++ b/plays/network-interfaces.yml
@@ -1,6 +1,6 @@
#!/usr/bin/env ansible-playbook
---
-- hosts: voyager.adm.crans.org,boeing.adm.crans.org,fluxx.adm.crans.org,hodaur.adm.crans.org,unifi.adm.crans.org,kiwi.adm.crans.org,roundcube.adm.crans.org,monitoring.adm.crans.org
+- hosts: voyager.adm.crans.org,boeing.adm.crans.org,fluxx.adm.crans.org,hodaur.adm.crans.org,unifi.adm.crans.org,kiwi.adm.crans.org,roundcube.adm.crans.org,monitoring.adm.crans.org,bigbluebutton.adm.crans.org
vars:
vlan:
- name: srv
diff --git a/roles/debian-apt-sources/templates/apt/sources.list.j2 b/roles/debian-apt-sources/templates/apt/sources.list.j2
index 25bf63871c2ee6959746c4ffaa8ef01b53328e33..dde04587e95c9def973110532b90929c4218d763 100644
--- a/roles/debian-apt-sources/templates/apt/sources.list.j2
+++ b/roles/debian-apt-sources/templates/apt/sources.list.j2
@@ -1,5 +1,6 @@
{{ ansible_header | comment }}
+{% if ansible_lsb.id == "Debian" %}
# Mises à jour de sécurité
deb {{ debian_mirror }}-security {{ ansible_lsb.codename }}/updates {{ debian_components }}
@@ -8,3 +9,13 @@ deb {{ debian_mirror }} {{ ansible_lsb.codename }} {{ debian_components }}
# Dépôt pour mises à jour fréquentes (volatile)
deb {{ debian_mirror }} {{ ansible_lsb.codename }}-updates {{ debian_components }}
+{% elif ansible_lsb.id == "Ubuntu" %}
+# Mises à jour de sécurité
+deb {{ ubuntu_mirror }} {{ ansible_lsb.codename }}-security {{ ubuntu_components }}
+
+# Dépôt classique
+deb {{ ubuntu_mirror }} {{ ansible_lsb.codename }} {{ ubuntu_components }}
+
+# Dépôt pour mises à jour fréquentes (volatile)
+deb {{ ubuntu_mirror }} {{ ansible_lsb.codename }}-updates {{ ubuntu_components }}
+{% endif %}
diff --git a/roles/ntp-client/tasks/main.yml b/roles/ntp-client/tasks/main.yml
index 2dac6728b2e87f24ebbbdc1ef042dfb68cc5bdb8..8d2c04d124bb68518d7e9677bce415f16040ec6d 100644
--- a/roles/ntp-client/tasks/main.yml
+++ b/roles/ntp-client/tasks/main.yml
@@ -7,7 +7,7 @@
register: apt_result
retries: 3
until: apt_result is succeeded
- when: inventory_hostname in ntp_servers
+ when: inventory_hostname not in ntp_servers
- name: Configure NTP
lineinfile:
@@ -15,4 +15,4 @@
regexp: '^NTP='
line: "NTP={{ ntp_servers | join(' ') }}"
notify: Restart systemd-timesyncd
- when: inventory_hostname in ntp_servers
+ when: inventory_hostname not in ntp_servers
diff --git a/roles/prometheus-node-exporter/tasks/main.yml b/roles/prometheus-node-exporter/tasks/main.yml
index 31460b8f8ed62e57fa5fae8c3471681cfdf19b96..b324f2fbc9b0cd5e66cae74f4ca320bf461d7272 100644
--- a/roles/prometheus-node-exporter/tasks/main.yml
+++ b/roles/prometheus-node-exporter/tasks/main.yml
@@ -8,7 +8,7 @@
retries: 3
until: apt_result is succeeded
when:
- - ansible_lsb.codename == 'buster'
+ - ansible_lsb.codename != 'stretch'
# Prometheus 2 node is in stretch-backports
- name: Install Prometheus node-exporter (stretch-backports)
@@ -46,3 +46,15 @@
owner: root
group: root
mode: 0755
+ when: ansible_lsb.id == 'Debian'
+
+# Install new APT textfile collector, it might be upstreamed one day
+# https://github.com/prometheus-community/node-exporter-textfile-collector-scripts/pull/35
+- name: Patch APT textfile collector
+ copy:
+ src: apt.sh
+ dest: /usr/share/prometheus-node-exporter-collectors/apt.sh
+ owner: root
+ group: root
+ mode: 0755
+ when: ansible_lsb.id == 'Ubuntu'